Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cross-site scripting vulnerabilities and exploits
(subscribe to this query)
450
VMScore
CVE-2009-2882
Multiple cross-site scripting (XSS) vulnerabilities in PG MatchMaking allow remote malicious users to inject arbitrary web script or HTML via the show parameter to (1) browse_ladies.php and (2) browse_men.php, the (3) gender parameter to search.php, and the (4) id parameter to se...
Datingpro Matchmaking
4 EDB exploits
435
VMScore
CVE-2013-0807
Cross-site scripting (XSS) vulnerability in the NewSectionPrompt function in include/tool/editing_page.php in gpEasy CMS 3.5.2 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the section parameter in a new_section action to index.php...
Gpeasy Gpeasy Cms 1.5
Gpeasy Gpeasy Cms 1.6.1
Gpeasy Gpeasy Cms 1.6.2
Gpeasy Gpeasy Cms 2.3.2
Gpeasy Gpeasy Cms 2.3.3
Gpeasy Gpeasy Cms 2.4
Gpeasy Gpeasy Cms 3.5
Gpeasy Gpeasy Cms 3.5.1
Gpeasy Gpeasy Cms 1.6
Gpeasy Gpeasy Cms 2.3
Gpeasy Gpeasy Cms 2.3.1
Gpeasy Gpeasy Cms 3.0.4
Gpeasy Gpeasy Cms 3.0.5
Gpeasy Gpeasy Cms 1.6.3
Gpeasy Gpeasy Cms 2.0.1
Gpeasy Gpeasy Cms 3.0
Gpeasy Gpeasy Cms 3.0.1
Gpeasy Gpeasy Cms
Gpeasy Gpeasy Cms 2.1
Gpeasy Gpeasy Cms 2.2
Gpeasy Gpeasy Cms 3.0.2
Gpeasy Gpeasy Cms 3.0.3
1 EDB exploit
440
VMScore
CVE-2010-4909
Multiple cross-site scripting (XSS) vulnerabilities in PaysiteReviewCMS 1.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) q parameter to search.php or the (2) image parameter to image.php.
Mechbunny Paysitereviewcms 1.1
2 EDB exploits
355
VMScore
CVE-2019-15814
Multiple stored XSS vulnerabilities in Sentrifugo 3.2 could allow authenticated users to inject arbitrary web script or HTML.
Sentrifugo Sentrifugo 3.2
1 EDB exploit
685
VMScore
CVE-2006-4593
Cross-site scripting (XSS) vulnerability in index.php in SoftBB 0.1 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the page parameter.
Softbb Softbb 0.1
1 EDB exploit
355
VMScore
CVE-2018-7465
An XSS issue exists in VirtueMart prior to 3.2.14. All the textareas in the backend of the plugin can be closed by simply adding </textarea> to the value and saving the product/config. By editing back the product/config, the editor's browser will execute everything aft...
Virtuemart Virtuemart
1 EDB exploit
435
VMScore
CVE-2011-1838
Multiple cross-site scripting (XSS) vulnerabilities in TemplateLogin.pm in TWiki prior to 5.0.2 allow remote malicious users to inject arbitrary web script or HTML via the origurl parameter to a (1) view script or (2) login script.
Twiki Twiki 4.1.2
Twiki Twiki 4.2.3
Twiki Twiki 4.0.4
Twiki Twiki 4.0.3
Twiki Twiki 4.2.0
Twiki Twiki
Twiki Twiki 5.0.0
Twiki Twiki 4.1.0
Twiki Twiki 4.0.5
Twiki Twiki 4.2.1
Twiki Twiki 4.1.1
Twiki Twiki 4.3.1
Twiki Twiki 4.2.4
Twiki Twiki 4.0.2
Twiki Twiki 4.0.1
Twiki Twiki 4.3.0
Twiki Twiki 4.3.2
Twiki Twiki 4.0.0
Twiki Twiki 4.2.2
Twiki Twiki 4.5.0
1 EDB exploit
355
VMScore
CVE-2018-11332
Stored cross-site scripting (XSS) vulnerability in the "Site Name" field found in the "site" tab under configurations in ClipperCMS 1.3.3 allows remote malicious users to inject arbitrary web script or HTML via a crafted site name to the manager/processors/sav...
Clippercms Clippercms 1.3.3
1 EDB exploit
435
VMScore
CVE-2018-11339
An XSS issue exists in Frappe ERPNext v11.x.x-develop b1036e5 via a comment.
Frappe Erpnext 11.x.x-develop B1036e5
1 EDB exploit
355
VMScore
CVE-2018-11403
DomainMod v4.09.03 has XSS via the assets/edit/account-owner.php oid parameter.
Domainmod Domainmod 4.09.03
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »